Final Presentation for NACORE 2016.pptx

8/18/2019 Final Presentation for NACORE 2016.pptx

1/12

on

ANALYSIS OF DIFFERENT MIATTACK TYPES IN CLOUD

COMPUTING WITH THEIRRESPECTIVE SOLUTIONS

BY

PRIYANKA MISH

!

ASHUTOSH SIN

NACORE "#$%


2/12

S&enario o' C(o)* Co+,)tin-

Cloud computing model is a rapidly growing concept in the feld provides the ollowing services to their customers;

Enables ubiquitous conventional on!demand access to share

computing resources

"nlimited and ree o cost storage space to #eep our data ove

$etrieval o data anytime and anywhere

Transaction o data rom cloud server to client%s system

&utomated bac#up.

Even ater all these avorable cloud serv

drawbac# o security issues in cloud which ma#es the c

concerned. 'IT' attac#s are one o the main concern to be


3/12

Ke. &on&e,t o' Man/in/t0eMi**(e Atta&1

& 'an!in!the!middle attac# is a type o cyberattac# where actor inserts him)hersel into a conversation between tw

impersonates both parties and gains access to inormatio

two parties were e*changing with each other.

'an!in!the!middle attac# allows a malicious actor to inter

and receive data meant or third party or not meant to be

without either outside party #nowing until it is too late.


4/12

E2a+,(e o' o&&)rren&e o' MITM attao3er &(o)*


5/12

T.,es o' MITM atta&1 an* t0eirres,e&ti3e so()tions

'&-!I-!TE!'I//0E &TT&C

2rapping&ttac# Impersonating&ttac# 3looding &ttac# 4rowser &ttac#


6/12

$4Wra,,in- Atta&1 or 5ML Si-nat)re A

Sit)ation o' atta&1 /uring the message passing usmessages rom web server to a web browser an unauthorise

can intercept in T05 layer. The body o the message is replsent to the server as an authentic user. The server cauthentication by the 5ignature 9alue :which is also duplicintegrity chec#ing or the message is done. In this way the able to interere in the cloud and can run malicious code tothe usual unctioning o the cloud servers.Possi6(e so()tion 2e can add a redundant bit :5T&'8 bi

57&8 headerspecifcally or the appended signature value and this bswitched)toggled when the message is interered witunauthorised party during the transer. 2hen it is receivdestination the 5T&'8 bit is chec#ed frst and i it is ounthen a new signature value is generated in the browser en

new value sent bac# to the server as recorded to mauthenticity chec#ing.


7/12

"4 I+,ersonatin- Atta&1

Sit)ation o' atta&1 Impersonating attac# can ta#e plaorms;

P0is0in- atta&17 where the users are made to believe thainteracting with valid server by creating a web page that loto the valid server page.

Veri8er i+,ersonation atta&1 where the attac#er acverifer and lure the customer to share the authentication #e

which may then be used to authenticate alsely to the verifePossi6(e so()tion In a cloud environment impersonating be moderated by using two!actor and multi actor authmechanisms that rely on personally identifable inormatioaddition to passwords. 8rivacy enhancing protocols that secuand avoid storage o secrets can also help cloud provideimpersonation attac#s under control.


8/12

94 F(oo*in- Atta&1

Sit)ation o' atta&1 I' an intruder gets the authori>ationrequest to the cloud then it can easily create bogus data and

requests to the cloud server. 2hile e*ecuting these requestsfrst chec#s the authenticity o the requested ?obsunauthenticated requests must be chec#ed to veriy their vprocess o chec#ing consumes C8" utili>ation memory and Iaa5 to a great e*tent. 2hile processing these requestsservices can starve and as a result the server will o@oad its

another server. &gain the same thing will occur and the adengage the whole cloud system ?ust by interrupting the usuao one server in essence Aooding the system.Possi6(e So()tion 3or the prevention o Aooding attac# environment we propose the concept o organi>ing all the seAeet o server over the cloud environment in such a way soAeet o servers are supposed to perorm the ?obs accordinspecifcations.


9/12

:4 Bro;ser Atta&1

Sit)ation o' atta&1 In 4rowser attac# the spurious user sby destructing signature and sabotaging encryption while t57&8 messages between web browser and web server. Tconsider the adversary as a authenticated user and procommunication and requests with web server which causes brover cloud.Possi6(e So()tion The proposed solution to stop data ste

at the end o every session the customer will send an e!'ausage and duration with a special number to be used or log In this way the customer will be aware o the usage and chargbe availed with a unique number to be used every time tosystem.


10/12


11/12

Possi6(e so()tions "sing encrypted communication D authentication o the T05 always is the only and reliaprevent)detect Stri,,in- atta&1 . This means in practice thae*change the server and the user end up with certain share#eys.

3or preventing Sni=n- atta&1 cloud vendors must constru

browsers that apply 25!5ecurity concept. 25!5ecurity provide

encryption and does not have to be decrypted at interm

Consequently attac#ers are unable to sniH and gain plain messages at the intermediary hosts.Con&()sion 'IT' attac#s are the most common typimplemented by the unauthorised users over cloud. Thus to reliability o the cloud users we must be aware o these attac#and should employ the more stringent layers o security toprevent such attac#s to protect the confdential data ovimplementing all the above possible solutions or their respectivcan avoid the attac#er%s intention to e*ploit the data over cloud


12/12

THANK YOU

Documents

Final Presentation for NACORE 2016.pptx